The hardware wallet does all of the proper paper wallet procedures for you in a user friendly way. Offline key generation, offline storage, offline transaction signing. Following this procedure exactly with paper wallets can be a bit arduous, leading people to cut corners, and in so doing sacrifice some security. How many people really import their private paper wallet key into an offline computer and sign the transaction from that offline PC? A common trade off here was to split your coins across multiple paper wallets so you could import them as needed into an online PC without risking losing all of them if the PC was compromised, but then you have the added inconvenience of managing all these different wallets, etc. So in general the hardware wallets are just much more user friendly.
Ya, Amazon is fine, but at least in my country the prices from the resellers are insane!
edit: aargh! sorry @drehb, I didn’t see you’ve already replied.
Good questions! I forgot to mention the idea of hardware wallets is isolation from the possibly infected operating system of a p.c. or mobile (cell phone). They also tend to have screens and hardware buttons so that transaction information can be safely verified.
I won’t say that the security of hardware wallets is perfect, because with enough resources people come up with some very clever ways of hacking things. It’s soooo much more secure than general software wallets though. Here is more detail about some aspects which spring to mind:
Hardware wallets (HW wallets) isolate the private keys from your desktop or mobile operating system. When you carry out a transaction it is the HW wallet which signs the transaction, using the private keys contained within. The signed transaction can be safely passed to the software wallet because it cannot be tampered with. The cryptography involved means that amounts, addresses et cetera cannot be adjusted.
On a good HW wallet the amount and the addresses have to be verified before the transaction is signed. For example on the Nano S there is a screen which shows you this information, and you must use the hardware buttons on the HW wallet to confirm. Again, this is isolated from the general operating system for security. Software wallets are vulnerable here. For example there are reports that there is malware which on Windows can monitor the clipboard, looking for bitcoin addresses. It can replace an address with one belonging to the attacker, therefore stealing money. I think it can even hide, in the UI, that it has changed the address!
The hardware buttons on the HW wallet also have to be used when entering the PIN or the wallet passphrase. This should avoid the keyloggers which are so dangerous with software wallets.
I think it could be worded better, but it’s hard to convey information concisely sometimes. It’s possibly more difficult for the LedgerWallet team because it’s a French company.
I’d agree there’s little practical difference. You do have to trust the hardware and its firmware though. I need to look into whether or not there are good ways to verify the integrity. With a new device I would do small test transactions for starters. When generating keys for paper wallets the software should be verified too. (Is there anyone attempting to generate keys by hand by the way? I wonder how long this would take?!).
You’ve got the gist.
By the way I feel like a fraud! I’m a manual worker. I don’t even know any programming languages. I have intended to learn for years, but I STILL haven’t done it. How lame!..
Still trust my information?
This makes sense, but you could argue it depends upon which attack angles most worry you. From @drehb's earlier post:
If this is the threat it may be a good idea to have one wallet on your HW wallet which is used as a hot wallet. You can then have hidden wallets and some ‘plausible deniability’. I probably shouldn’t be saying this in case I get a HW wallet and someone decides to track me down!
I’m only pointing out pros and cons, I don’t disagree with you @BIGbtc
As a point of interest I think I’m right in saying that any bitcoin address from which a transaction has ever been sent is inherently less secure than one which has only ever received bitcoin. Even if the transaction was made offline and then broadcast to the bitcoin network. This is not currently a concern however. I believe that this is a theoretical issue relating to the nature of the cryptography, and could only become a real world threat in the future (quantum computing). If anyone wants me to elaborate, or disagrees with me please say so. I’ll have to dig up the information then though!
Well, in that there is really no “from” address in Bitcoin, that argument can be made as we refer to the risks of a public address linking to private key during import on a paper wallet. In a hardware wallet the private key does not see the internet. Or am I not understanding your point? I think I do, maybe not.
I’ve found the information to back up this claim in this podcast with Arthur Falls and cryptographer Dan Boneh. The whole podcast is very informative and I recommend listening to the whole thing, but the link points to the appropriate section. The explanation is about one and a half minutes long.
To sum it up - in the future quantum computers should be able to use Shor’s algorithm to break bitcoin’s transaction signatures. The weak point is the public key of the sending address, which is published on the blockchain as part of a transaction. There is a distinction between a bitcoin address and its public key. The address is generated by hashing the public key. When you create a cold wallet and send bitcoin to it there is no need to broadcast the public key, only the address, so it is safe from this specific attack. If you ever send bitcoin from a cold wallet, even signing the transaction offline, the public key is revealed on the blockchain, and the address hypothetically becomes vulnerable to this attack. I must stress that this is not currently a problem, and I’m sure this attack will be mitigated by the time we get there!
edit: I hope I’ve got this information right!
I’d like to add that the crucial part is to not reveal your public key. It doesn’t matter if you reveal your address.
My questions were about equivalent software wallets not paper wallets
From what I’ve learned so far I’ll try to summarise:
- whatever wallet you use, you will have to keep something secure (passphrase, seed words, private key etc), usually physically printed on paper because a secure enough seed / phrase / password is unfeasible to remember.
- a paper wallet is simple in functionality and operation, but a bit too technical for many to handle safely with confidence (as @drehb points out in his reply to me from which I have quoted). Signing a transaction for a paper wallet normally makes the wallet insecure because there is a risk that the private key was compromised by exposing it on the machine used to broadcast the transaction on the Internet, so once used any coins remaining at the address should immediately be swept to a new paper wallet and the address discarded.
- a BIP39 hardware or software wallet simplifies the user interface and also adds the ability to generate and manage multiple wallets (addresses) which can all be recovered from a single ‘seed’, and can also sign transactions without exposing the private keys. In the case of a hardware wallet this can be done on any machine whereas to do this with a software wallet one needs an isolated machine (old laptop, raspberry pi etc) which you never allow to be connected to a network (so you transfer signed transactions from the isolated /offline machine to the online machine using a USB stick, or for truly maintaining the air-gap, by capturing a QR code displayed by the isolated/offline machine).
- a BIP39 hardware wallet has the advantage that you can sign transactions on any machine without exposing your private key, and without needing to use two machines (one offline and one online). The ledger nano s for example: using a PIN for a default wallet, or passwords for the other wallets also accessible on the device.
EDIT: PS Thanks @Runswick for your expansion. Your study and sharings are helpful and show that you don’t need to be a programmer to learn about this. If you didn’t get everything right in a forum like this I’m sure somebody would, politely or not, point it out. Also thanks @MerkleTree & @drehb for helping me out.
Perfect. But the key to paper wallets is they get used once. So let’s say you have $100,000 to store for an extended period of time but may need some to live in an emergency… Always plan for some spending of cold storage. Split the storage across 5 or 10 wallets with one wallet being equal to an emergency fund like $5k. Sweep that wallet when needed. Send anything remaining back to a new wallet if necessary. Paper wallets are all or nothing.
I did mention that paper wallets should be ‘once only’ but I think your point about how to manage them is also worth noting. Depends on the expected use though.
I read from this part that it wasn’t a complete sweep. “Coins remaining”. But it was an excellent summary!!!
I’m quoting from my reply. Sorry.
Let me be clear with my point on paper wallets. There should not be spending from a paper wallet. Only a sweep of the entire contents to a Hot-Wallet. Then do not reuse the paper wallet. And do not ever throw away a used paper wallet. Things happen and it could one day end up with a balance.
Thanks for your kind words @happybeing, much appreciated! I have to ask though - did you send this from a smart phone? It looks like auto-predict has interfered in a few places! Ha hah ha hah hah ahahahah haha!
edit: I now feel guilty for poking fun.
I think that the signed transaction can be displayed in a QR code actually, so that the offline PC can stay truly air gapped.
Create secure address with dices to store Maidsafe coins on a paper wallet
Another thing about hardware wallets is that they should be backed up with cryptosteel, otherwise you could lose access to the funds in case of hardware failure.
If you want to store a private key in WIF or WIFC format (https://en.wikipedia.org/wiki/Base58, 51 or 52 characters long), you better not order a Cryptosteel MNEMONIC (where your url is linked to), but an ANYKEY or MIX. You also need numbers, not only letters…
Yeah, the Cryptosteel MNEMONIC is for BIP39 mnemonic codes and that’s what the Ledger Nano S uses for backup at least. Cryptosteel MIX is best if you may want to use it for multiple things.
That is such a hilarious and underrated point. Luckily, it seems like projects like this are hard at work to make everything safer in general (
… Right? Super excited for the official launch
I’ve verified that the Ledger Nano S is fine for long term storage of MaidSafeCoin, if used correctly. I will come back here when I’ve more time to elaborate on what I mean by “if used correctly”.
@neo, I’ve done what you suggested:
Essentially, I’ve done this. I actually went a step further and carried out the necessary transactions.
My follow up post, when I’ve time, will explain security considerations relating to any other cryptostuff held on the Ledger Nano S when the time comes to move your MaidSafeCoins. It’s possible in my judgement to keep other coins on there, without changing the seed phrase, after you’ve moved your MaidSafeCoin off the hardware wallet, so long as you do it right…
That is great to hear.
So now there are two safe alternatives for storing maid - paper and h/w wallet